Slide 1
Slide 1 text
ϓϨΠϒοΫͷݕূڥΛ
docker-composeͰ࡞ͬͨ
͋ΜͰ͌ʔ
@answer_d
Slide 2
Slide 2 text
ࣗݾհ
• SIer
• Πϯϑϥ͞Μ αʔόߏஙϚϯ
• ʮAnsible͍ͬͯ͜͏Ͷʔʯͳ৬͚ͩͲීٴඍົ
Slide 3
Slide 3 text
͋ΔͷͰ͖͝ͱ
Slide 4
Slide 4 text
͋ΜͰ͌ʔ͘ΜAnsible
Ͱ͖ΔΜͩΑͶʁ
ͪΐͬͱͬͯΑʂ
͔͜͠·Γ
Slide 5
Slide 5 text
։ൃڥʁ
ͳ͍ΑɺඞཁͩͬͨΒԿ͔ߟ͑ͯ
Slide 6
Slide 6 text
ΦϯϓϨҊ݅͋Δ͋Δ(͔ʁ)
Slide 7
Slide 7 text
ຊ൪ ։ൃ
౦
։ൃڥ(·ͩ)ͳ͍
Slide 8
Slide 8 text
ຊ൪ ։ൃ
౦
(Ծʹ͋ͬͯ)ߏҧ͏
2ϊʔυΫϥελ → γϯάϧ
౦ܥ → ౦ͷΈ
ػೳ͝ͱʹαʔόׂ → ूͯ͠1
IPશવҧ͏
Slide 9
Slide 9 text
ϓϨΠϒοΫͷ࣭֬อ
Ͳ͏͠Α͏ɾɾɾ
Slide 10
Slide 10 text
Ͱ͖Ε
ຊ൪Ͱྲྀ͢ϓϨΠϒοΫΛ
ͦͷ··ྲྀͯ͠ಈ࡞֬ೝ͍ͨ͠
Slide 11
Slide 11 text
DockerͰͰ͖ΔΜ͡ΌͶʁ
Slide 12
Slide 12 text
Γ·ͨ͠
Slide 13
Slide 13 text
ͬͨ͜ͱ
• CentOSͷίϯςφͨ͘͞Μ → ຊ൪ڥͲ͖
ɾ 1ίϯςφ = 1αʔό(ͷΑ͏ͳԿ͔)
• docker-composeͰ·ͱΊ্ͯ͛Լ͛
• Ͱ͖Δ͚ͩຊ൪ڥΛ࠶ݱ
ɾ ݻఆIP
ɾ hostsͰ໊લղܾ
Slide 14
Slide 14 text
͍ํΠϝʔδ
Slide 15
Slide 15 text
$ docker-compose up
up!
͚ͩʂ
ຊ൪Ͳ͖ίϯςφୡ
Slide 16
Slide 16 text
࡞ͬͨͭ
Slide 17
Slide 17 text
Dockerfile
Slide 18
Slide 18 text
FROM centos:7
RUN true \
&& echo ‘proxy=http://proxygate.sample:8080' >> /etc/yum.conf \
&& yum -y install epel-release \
&& yum -y install ansible openssh-clients openssh-server \
&& yum -y install libuuid.i686 libuuid.x86_64 libgcc.i686 libgcc.x86_64 \
&& yum -y clean all \
&& sed -i '$d' /etc/yum.conf \
&& true
RUN true \
&& ssh-keygen -A -N '' \
&& sed -i 's/#PermitRootLogin yes/PermitRootLogin no/g' /etc/ssh/
sshd_config \
&& true
RUN true \
&& groupadd -g 1000 sampleuser \
&& useradd -N -g sampleuser -u 1000 sampleuser \
&& echo ‘sampleuser:$6$<ϋογϡ>’ | chpasswd --encrypted \
&& echo ‘root:$6$<ϋογϡ>' | chpasswd --encrypted \
&& true
CMD [“/sbin/init"]
Slide 19
Slide 19 text
FROM centos:7
RUN true \
&& echo ‘proxy=http://proxygate.sample:8080' >> /etc/yum.conf \
&& yum -y install epel-release \
&& yum -y install ansible openssh-clients openssh-server \
&& yum -y install libuuid.i686 libuuid.x86_64 libgcc.i686 libgcc.x86_64 \
&& yum -y clean all \
&& sed -i '$d' /etc/yum.conf \
&& true
RUN true \
&& ssh-keygen -A -N '' \
&& sed -i 's/#PermitRootLogin yes/PermitRootLogin no/g' /etc/ssh/
sshd_config \
&& true
RUN true \
&& groupadd -g 1000 sampleuser \
&& useradd -N -g sampleuser -u 1000 sampleuser \
&& echo ‘sampleuser:$6$<ϋογϡ>’ | chpasswd --encrypted \
&& echo ‘root:$6$<ϋογϡ>' | chpasswd --encrypted \
&& true
CMD [“/sbin/init"]
CentOSΠϝʔδ͕
ϕʔεͰ
Slide 20
Slide 20 text
FROM centos:7
RUN true \
&& echo ‘proxy=http://proxygate.sample:8080' >> /etc/yum.conf \
&& yum -y install epel-release \
&& yum -y install ansible openssh-clients openssh-server \
&& yum -y install libuuid.i686 libuuid.x86_64 libgcc.i686 libgcc.x86_64 \
&& yum -y clean all \
&& sed -i '$d' /etc/yum.conf \
&& true
RUN true \
&& ssh-keygen -A -N '' \
&& sed -i 's/#PermitRootLogin yes/PermitRootLogin no/g' /etc/ssh/
sshd_config \
&& true
RUN true \
&& groupadd -g 1000 sampleuser \
&& useradd -N -g sampleuser -u 1000 sampleuser \
&& echo ‘sampleuser:$6$<ϋογϡ>’ | chpasswd --encrypted \
&& echo ‘root:$6$<ϋογϡ>' | chpasswd --encrypted \
&& true
CMD [“/sbin/init"]
Ansibleͱ͔ೖΕͯ
※ ࣾڥͷͨΊϓϩΩγܦ༝
Slide 21
Slide 21 text
FROM centos:7
RUN true \
&& echo ‘proxy=http://proxygate.sample:8080' >> /etc/yum.conf \
&& yum -y install epel-release \
&& yum -y install ansible openssh-clients openssh-server \
&& yum -y install libuuid.i686 libuuid.x86_64 libgcc.i686 libgcc.x86_64 \
&& yum -y clean all \
&& sed -i '$d' /etc/yum.conf \
&& true
RUN true \
&& ssh-keygen -A -N '' \
&& sed -i 's/#PermitRootLogin yes/PermitRootLogin no/g' /etc/ssh/
sshd_config \
&& true
RUN true \
&& groupadd -g 1000 sampleuser \
&& useradd -N -g sampleuser -u 1000 sampleuser \
&& echo ‘sampleuser:$6$<ϋογϡ>’ | chpasswd --encrypted \
&& echo ‘root:$6$<ϋογϡ>' | chpasswd --encrypted \
&& true
CMD [“/sbin/init"]
sshΛຊ൪ͱಉ͡ઃ
ఆʹͯ͠
Slide 22
Slide 22 text
FROM centos:7
RUN true \
&& echo ‘proxy=http://proxygate.sample:8080' >> /etc/yum.conf \
&& yum -y install epel-release \
&& yum -y install ansible openssh-clients openssh-server \
&& yum -y install libuuid.i686 libuuid.x86_64 libgcc.i686 libgcc.x86_64 \
&& yum -y clean all \
&& sed -i '$d' /etc/yum.conf \
&& true
RUN true \
&& ssh-keygen -A -N '' \
&& sed -i 's/#PermitRootLogin yes/PermitRootLogin no/g' /etc/ssh/
sshd_config \
&& true
RUN true \
&& groupadd -g 1000 sampleuser \
&& useradd -N -g sampleuser -u 1000 sampleuser \
&& echo ‘sampleuser:$6$<ϋογϡ>’ | chpasswd --encrypted \
&& echo ‘root:$6$<ϋογϡ>' | chpasswd --encrypted \
&& true
CMD [“/sbin/init"]
ຊ൪ͱಉ͡Ϣʔβ
࡞ͬͯ
Slide 23
Slide 23 text
FROM centos:7
RUN true \
&& echo ‘proxy=http://proxygate.sample:8080' >> /etc/yum.conf \
&& yum -y install epel-release \
&& yum -y install ansible openssh-clients openssh-server \
&& yum -y install libuuid.i686 libuuid.x86_64 libgcc.i686 libgcc.x86_64 \
&& yum -y clean all \
&& sed -i '$d' /etc/yum.conf \
&& true
RUN true \
&& ssh-keygen -A -N '' \
&& sed -i 's/#PermitRootLogin yes/PermitRootLogin no/g' /etc/ssh/
sshd_config \
&& true
RUN true \
&& groupadd -g 1000 sampleuser \
&& useradd -N -g sampleuser -u 1000 sampleuser \
&& echo ‘sampleuser:$6$<ϋογϡ>’ | chpasswd --encrypted \
&& echo ‘root:$6$<ϋογϡ>' | chpasswd --encrypted \
&& true
CMD [“/sbin/init"]
initϓϩηεΛ࣮ߦ
Slide 24
Slide 24 text
docker-compose.yml
Slide 25
Slide 25 text
version: ‘2'
services:
master:
build:
context: ./images/cent7_ansible
dockerfile: Dockerfile
image: internaltest/cent7_ansible
hostname: master
volumes:
- ../ansible_playbook:/playbook
working_dir: /playbook
networks:
infra_net:
ipv4_address: 192.168.10.1
extra_hosts:
- "master:192.168.10.1"
- "target01:192.168.10.2"
- "target02:192.168.10.3"
- "target03:192.168.10.4"
privileged: true
target01:
image: internaltest/cent7_ansible
hostname: target01
networks:
infra_net:
ipv4_address: 192.168.10.2
privileged: true
target02:
…
target03:
…
networks:
infra_net:
driver: bridge
ipam:
driver: default
config:
- subnet: 192.168.10.0/24
gateway: 192.168.10.254
Slide 26
Slide 26 text
target01:
image: internaltest/cent7_ansible
hostname: target01
networks:
infra_net:
ipv4_address: 192.168.10.2
privileged: true
target02:
…
target03:
…
networks:
infra_net:
driver: bridge
ipam:
driver: default
config:
- subnet: 192.168.10.0/24
gateway: 192.168.10.254
version: ‘2'
services:
master:
build:
context: ./images/cent7_ansible
dockerfile: Dockerfile
image: internaltest/cent7_ansible
hostname: master
volumes:
- ../ansible_playbook:/playbook
working_dir: /playbook
networks:
infra_net:
ipv4_address: 192.168.10.1
extra_hosts:
- "master:192.168.10.1"
- "target01:192.168.10.2"
- "target02:192.168.10.3"
- "target03:192.168.10.4"
privileged: true
Ansibleϗετ
λʔήοτϊʔυୡ
Slide 27
Slide 27 text
version: ‘2'
services:
master:
build:
context: ./images/cent7_ansible
dockerfile: Dockerfile
image: internaltest/cent7_ansible
hostname: master
volumes:
- ../ansible_playbook:/playbook
working_dir: /playbook
networks:
infra_net:
ipv4_address: 192.168.10.1
extra_hosts:
- "master:192.168.10.1"
- "target01:192.168.10.2"
- "target02:192.168.10.3"
- "target03:192.168.10.4"
privileged: true
͖ͬ͞ͷ
Dockerfile
target01:
image: internaltest/cent7_ansible
hostname: target01
networks:
infra_net:
ipv4_address: 192.168.10.2
privileged: true
target02:
…
target03:
…
networks:
infra_net:
driver: bridge
ipam:
driver: default
config:
- subnet: 192.168.10.0/24
gateway: 192.168.10.254
Slide 28
Slide 28 text
version: ‘2'
services:
master:
build:
context: ./images/cent7_ansible
dockerfile: Dockerfile
image: internaltest/cent7_ansible
hostname: master
volumes:
- ../ansible_playbook:/playbook
working_dir: /playbook
networks:
infra_net:
ipv4_address: 192.168.10.1
extra_hosts:
- "master:192.168.10.1"
- "target01:192.168.10.2"
- "target02:192.168.10.3"
- "target03:192.168.10.4"
privileged: true
target01:
image: internaltest/cent7_ansible
hostname: target01
networks:
infra_net:
ipv4_address: 192.168.10.2
privileged: true
target02:
…
target03:
…
networks:
infra_net:
driver: bridge
ipam:
driver: default
config:
- subnet: 192.168.10.0/24
gateway: 192.168.10.254
ݻఆIPׂΓͯ
Slide 29
Slide 29 text
version: ‘2'
services:
master:
build:
context: ./images/cent7_ansible
dockerfile: Dockerfile
image: internaltest/cent7_ansible
hostname: master
volumes:
- ../ansible_playbook:/playbook
working_dir: /playbook
networks:
infra_net:
ipv4_address: 192.168.10.1
extra_hosts:
- "master:192.168.10.1"
- "target01:192.168.10.2"
- "target02:192.168.10.3"
- "target03:192.168.10.4"
privileged: true
hosts
target01:
image: internaltest/cent7_ansible
hostname: target01
networks:
infra_net:
ipv4_address: 192.168.10.2
privileged: true
target02:
…
target03:
…
networks:
infra_net:
driver: bridge
ipam:
driver: default
config:
- subnet: 192.168.10.0/24
gateway: 192.168.10.254
Slide 30
Slide 30 text
Α͔ͬͨ͜ͱ
• ࡞Δͷ؆୯ͩͬͨͷͰ(ແৼΓʹ)
͑Εͨ
• Docker͑͋͞ΕͲ͜Ͱڥ্ཱ͕͕ͪΔ
• ىಈఀࢭVMΑΓૣ͍
• down→up͚ͩͰॳظঢ়ଶʹͳΔͷΊͬͪΌศར
Slide 31
Slide 31 text
·ͱΊ
Slide 32
Slide 32 text
• docker-composeͰϓϨΠϒοΫݕূ͢Δڥ࡞ͬͨ
• ؆୯ʹͰ͖ͯ͘͢͝ศརͩͬͨ
• Ͱࣄલʹ։ൃڥͬͱߟ͑ͯʂʂʂʂʂ(ഭਅ)
Slide 33
Slide 33 text
͝ਗ਼ௌ͋Γ͕ͱ͏͍͟͝·ͨ͠ʂ